<?php
 /*****************************************************************************
 * invoices.php                                                               *
 * Last Modified: 2007-06-06                                                  *
 *                                                                            *
 * invoices.php is used to output a list of the invoices in the database with *
 * a few options (all <default>, search invoiceNum, search customerID). This  *
 * file also allows administrators to add, delete or edit records. Users are  *
 * only allowed to view records; they may not add, delete or edit records.    *
 * All users may use the search feature.                                      *
 *                                                                            *
 * BBG_Billing, a PHP application using MySQL for creating and maintaining a  *
 * contacts and invoices database.                                            *
 *                                                                            *
 * @copyright Copyright (C) 2007, Bugs Bee Gone Computer Services             *
 * @owner     Daniel Barnett (Bugs Bee Gone Computer Services)                *
 * @author    Daniel Barnett <dbarnett@bugsbeegone.com>                       *
 * @website   http://www.bugsbeegone.com                                      *
 * @license   http://www.gnu.org/licenses/gpl.html GNU General Public License *
 * @package   BBG_Billing                                                     *
 * @name      invoices.php                                                    *
 * @version   1.0.0                                                           *
 * @uses      Jpmaster77's Login Script (Written by: Jpmaster77, 2004-08-19)  *
 *             ->(http://www.evolt.org/PHP-Login-System-with-Admin-Features/) *
 *                                                                            *
 * This file is part of the "BBG_Billing" PHP application.                    *
 *                                                                            *
 * BBG_Billing is free software; you can redistribute it and/or modify        *
 * it under the terms of the GNU General Public License as published by       *
 * the Free Software Foundation; either version 2 of the License, or          *
 * (at your option) any later version.                                        *
 *                                                                            *
 * BBG_Billing is distributed in the hope that it will be useful,             *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of             *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the              *
 * GNU General Public License for more details.                               *
 *                                                                            *
 * You should have received a copy of the GNU General Public License          *
 * along with BBG_Billing; if not, write to the Free Software                 *
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA *
 *****************************************************************************/
 
 
  // Require session.php for user access control
	require "include/session.php";

  // If user is not logged in, redirect to main.php
	if(!$session->logged_in){
		header("Location: main.php");
		exit();
	}

  // Require config.inc.php for configuration variables
	require "config.inc.php";

  // Connect to MySQL
	mysql_connect($path, $username, $password);
  // Select database, if error die with error message
	@mysql_select_db($database) or die("Unable to select database.<br />" . mysql_error());

  // Get searchType, invoiceNum, and customerID from URL
	$searchType=$_GET['searchType'];
	$invoiceNum=$_GET['invoiceNum'];
	$customerID=$_GET['customerID'];
	
	// If invoiceNum != NULL and customerID = NULL...
	if(($invoiceNum != "") && ($customerID == "")) {
    // Define MySQL query to display all invoices with the given invoice number
		$query = "SELECT * FROM tblInvoices WHERE invoiceNum='" . $invoiceNum . "' ORDER BY invoiceNum, date ASC";
		// Set searchString to indicate the invoiceNum searched
		$searchString = 'Search Results for Invoice Number: "' . $invoiceNum . '"';
	} else {
    // If customerID != NULL and invoiceNum = NULL...
		if(($customerID!="") && ($invoiceNum=="")) {
      // Define MySQL query to display all invoices with the given customer ID
			$query = "SELECT * FROM tblInvoices WHERE customerID='" . $customerID . "' ORDER BY customerID ASC";
			// Set searchString to indicate the customerID searched
			$searchString = 'Search Results for Customer Number: "' . $customerID . '"';
    // If no conditions are met, display all invoices
		} else {
      // Define MySQL query to dispaly all invoices
			$query = "SELECT * FROM tblInvoices ORDER BY invoiceNum, date, customerID ASC";
			// Set searchString to indicate that all records are being displayed
			$searchString = "~ All Records ~";
		}  // End if(($customerID!="") && ($invoiceNum==""))
	}  // End if(($invoiceNum != "") && ($customerID == ""))

  // Execute MySQL query, if error die with error message
	$result = mysql_query($query) or die(mysql_error());

  // Determine how many rows were returned
	$num = mysql_numrows($result);

  // Close the connection
	mysql_close();

// Output the results of the MySQL query in table form
echo '<?xml version="1.0" encoding="utf-8"?>' . "\n";
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">' . "\n";

echo '<html xmlns="http://www.w3.org/1999/xhtml">' . "\n";
	echo '<head>' . "\n";
		echo '<meta name="ROBOTS" content="NOODP, NOFOLLOW" />' . "\n";
		echo '<meta name="GOOGLEBOT" content="NOODP, NOFOLLOW" />' . "\n";
		echo '<title>Bugs Bee Gone - Billing - Invoices List</title>' . "\n";
		echo '<meta name="description" content="Bugs Bee Gone - Billing - Invoices List" />' . "\n";
		echo '<meta name="keywords" content="php, mysql, test, practice" />' . "\n";
		echo '<link rel="shortcut icon" href="" />' . "\n";
		echo '<link href="invoice.css" type="text/css" rel="stylesheet" />' . "\n";

		echo '<script type="text/javascript">' . "\n";
		  // If button "Clear Search" is clicked, redirect browser to invoices.php
			echo 'function clearSearch() {' . "\n";
				echo 'window.location="invoices.php";' . "\n";
			echo '}' . "\n";

      // If radio button "invoiceNum" clicked, disable customerID textbox
			echo 'function searchInvoiceNum() {' . "\n";
				echo 'document.search.invoiceNum.disabled=false;' . "\n";
				echo 'document.search.customerID.disabled=true;' . "\n";
			echo '}' . "\n";

      // If radio button "customerID" clieck, disable invoiceNum textbox
			echo 'function searchCustomerID() {' . "\n";
				echo 'document.search.customerID.disabled=false;' . "\n";
				echo 'document.search.invoiceNum.disabled=true;' . "\n";
			echo '}' . "\n";
		echo '</script>' . "\n";
	echo '</head>' . "\n";

	echo '<body onload="searchInvoiceNum()">' . "\n";
	echo '<p>Bugs Bee Gone</p>' . "\n";
	echo '<p style="font-weight:normal;"><a href="billing.php">Billing</a>' . "\n";
	echo ' -> Invoices List<br />&nbsp;<br />' . "\n";
	echo $searchString . '</p>' . "\n";

  // If no rows are returned by MySQL query on line 83...
	if($num == 0) {
    // Output message "No Records Found"
		echo '<br /><hr />' . "\n";
		echo '<br /><p style="color:red; text-align:center;">No Records Found</p>';
  // If rows are returned...
	} else {
    // Output the data in table format
		echo '<table width="100%" border="0" cellspacing="0" cellpadding="2" align="center">' . "\n";
		echo '<tr>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">View</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Invoice Number</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Date</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Customer ID</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Company</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Name</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Edit</font></th>' . "\n";
			echo '<th><font face="Arial, Helvetica, sans-serif">Delete</font></th>' . "\n";
		echo '</tr>' . "\n";

    // Define incrementor variable and initialize to 0
		$i = 0;
		// Cycle through loop while $i is less than $num
		while($i < $num)
		{
      // Define data variables for data from tblInvoice
			$key = mysql_result($result,$i,"key");
			$invoice = mysql_result($result,$i,"invoiceNum");
			$date = mysql_result($result,$i,"date");
			$customer = mysql_result($result,$i,"customerID");

      // Connect to MySQL
			mysql_connect($path, $username, $password);
			// Select the database, if error die with error message
			@mysql_select_db($database) or die( "Unable to select database:<br />" . mysql_error());
			
			// Define new MySQL query
			$query2 = "SELECT * FROM tblContacts WHERE customerID='" . $customer . "' LIMIT 1";
			// Execute MySQL query, if error die with error message
			$result2 = mysql_query($query2) or die(mysql_error());

      // Determine number of rows returned
			$num2 = mysql_numrows($result2);

      // Define data variables for data from tblContacts
			$company = mysql_result($result2,0,"company");
			$firstName = mysql_result($result2,0,"firstName");
			$lastName = mysql_result($result2,0,"lastName");

      // Destroy the results stored in the $result2 array to make it available for new
      // data during next loop
			mysql_freeresult($result2);

      // Close connection
			mysql_close();

    // Create a new row for each loop
    // Output the data variables in their own cells
		echo '<tr>' . "\n";
			echo '<td class="border"><font face="Arial, Helvetica, sans-serif"><a href="viewInvoice.php?invoiceNum=' . $invoice . '">View</a></font></td>' . "\n";
			echo '<td class="border"><font face="Arial, Helvetica, sans-serif">' . $invoice . '</font></td>' . "\n";
			echo '<td class="border"><font face="Arial, Helvetica, sans-serif">' . $date . '</font></td>' . "\n";
			echo '<td class="border"><font face="Arial, Helvetica, sans-serif">' . $customer . '</font></td>' . "\n";
			// If company = NULL, output a placeholder space
			if($company == "") {
				echo '<td class="border">&nbsp;</td>' . "\n";
      // If company != NULL, output the company's name
			} else {
				echo '<td class="border"><font face="Arial, Helvetica, sans-serif">' . $company . '</font></td>' . "\n";
			}
			echo '<td class="border"><font face="Arial, Helvetica, sans-serif">' . $lastName . ", " . $firstName . '</font></td>' . "\n";
			// If logged in user is an administrator, allow them to edit and delete the invoice
			if($session->isAdmin()){
				echo '<td class="border"><font face="Arial, Helvetica, sans-serif"><a href="editInvoice.php?invoiceNum=' . $invoice . '">Edit</a></font></td>' . "\n";
				echo '<td class="border"><font face="Arial, Helvetica, sans-serif"><a href="confirmDeleteInvoice.php?invoiceNum=' . $invoice . '">Delete</a></font></td>' . "\n";
			// If logged in user is not an admin, output placeholder spaces
			} else {
				echo '<td class="border">&nbsp;</td>' . "\n";
				echo '<td class="border">&nbsp;</td>' . "\n";
			}
    // End the current row
		echo '</tr>' . "\n";

    // Increment the incrementor variable by 1
		$i++;
		}  // End while($i < $num)

		echo '</table>' . "\n";
  }  // End if($num == 0)

		echo '<br /><hr />' . "\n";
		
    // Output search elements
		echo '<div style="text-align: center;">' . "\n";
		echo '<p>Search Invoices:</p>' . "\n";
		echo '<form action="invoices.php" method="get" name="search">' . "\n";
			echo '<table border="0" width="300px">' . "\n";
			echo '<tr>' . "\n";
				echo '<td width="50%">' . "\n";
					echo '<input type="radio" name="searchType" value="invoiceNum" onfocus="searchInvoiceNum()" checked="checked">Invoice Number:<br />' . "\n";
					echo '<input type="radio" name="searchType" value="customerID" onfocus="searchCustomerID()">Customer ID:' . "\n";
				echo '</td>' . "\n";

				echo '<td width="50%">' . "\n";
					echo '<input type="text" name="invoiceNum" onclick="searchInvoiceNum()"><br />' . "\n";
					echo '<input type="text" name="customerID" onclick="searchCustomerID()">' . "\n";
				echo '</td>' . "\n";
			echo '</tr>' . "\n";

			echo '<tr>' . "\n";
				echo '<td colspan="2" width="100%" style="text-align:center;">' . "\n";
					echo '<input type="Submit" value="Search" name="search" /> <input type="button" onclick="clearSearch()" value="Clear Search" name="clear" />' . "\n";
				echo '</td>' . "\n";
			echo '</tr>' . "\n";
			echo '</table>' . "\n";
		echo '</form>' . "\n";
		echo '</div>' . "\n";

	echo '<hr />' . "\n";

  // If logged in user is an administrator, allow them to create a new invoice
	if($session->isAdmin()){
		echo '<p style="text-align:center;"><a href="newInvoice.php">Create New Invoice</a></p>' . "\n";
	}

	echo '</body>' . "\n";
echo '</html>' . "\n";
